Amendments to the Claims 

1-10. (canceled) 

1 1 . (currently amended) A computer program product for use with a client-server computer 
network, the network comprising a set of server computers and a set of client computers, said 
computer program product comprising a computer usable medium having computer readable 
program code m e ans embodied in said medium for providing authentication of cookies, said 
computer program product comprising: 

a. computer readable program code m e ans for e nabling a first operative to enable 
one or more of the set of client computers communicating with a first one of th e s e t of 
server computers to provide client- identifying data to th e first one or more of the set of 
server computers, 

b. computer readable program code m e ans for e nabling th e first operative to provide 
a unique server-identifier for each one of the set of server computers to requ e st a privat e 
k e y and an associat e d public k e y from a public e ncryption syst e m , 

c. computer readable program code m e ans for causing th e first operative to enable 
each one of the set of server computers to maintain th e request a private key in a dynamic 
m e mory devic e and an associated public key from a public key encryption system . 
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d. computer readable program code moans for causing the first operative to enable 
each one of the set of server computers to maintain store the pubiie- requested private key 
in a databas e availabl e to th e s e t of serv e r comput e rs, dynamic memory device on the 
server computer, only, 

e. computer readable program code m e ans for e nabling th e first operative to enable 
each one of the set of server computers to g e n e rat e a cookie for th e first on e of store the 
requested public key in a database available to the set of cli e nt comput e rs, th e cooki e 
comprising data corr e sponding to th e id e ntifying data provided by th e first on e of the s e t 
of cli e nt comput e rs server computers, and to associate the stored public key requested by 
the server computer with the unique server-identifier for the server computer , 

f. computer readable program code m e ans for causing th e first operative to enable 
each one of the set of server computers to generate a digital signature for th e cooki e , 
cookies for one or more of the set of client computers, each generated cookie comprising 
data corresponding to the client-identifying data provided by the one or more of the set of 
client computers and comprising the value of the server-identifier assigned to the 
generating server, 

g. computer readable program code m e ans for causing th e first operative to enable 
each one of the set of server computers to e ncrypt th e generate an encrypted digital 
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signature for each generated cookie using the public k e y e ncryption system and the 
requested private ke y stored in dynamic memory on the server computer . 

h. computer readable program code m e ans for e nabling the first operative to enable 
each one of the set of server computers to forward th e cooki e cookies and the their 
associated encrypted digital signatur e signatures to the first on e of th e s e t of client 
computers corresponding to the identifying data provided , 

i. computer readable program code means for e nabling the first on e of th e s e t of 
cli e nt comput e rs to communicat e with a s e cond on e of the s e t of s e rv e r comput e rs, and in 
r e spons e , th e s e cond on e of th e s e t of s e rv e r comput e rs to r e quest and r e c e iv e th e cooki e 
and th e e ncrypted digital signatur e from th e first operative to enable each one of the set of 
server computers to receive cookies with encrypted digital signatures from one or more 
of the set of client computers, and 

j . computer readable comput e r p rogram code m e ans for causing th e s e cond 
operative to enable each one of the set of server computers to extract server-identifying 
data from received cookies to retrieve th e public key for th e e ncrypted digital signature 
from th e database and to d e crypt th e digital signatur e using th e public k e y e ncryption 
syst e m and th e retri e v e d public k e y, and k. comput e r r e adabl e program cod e m e ans for 
e nabling th e s e cond on e of th e s e t of s e rv e r computers to us e th e d e crypt e d digital 
signatur e to auth e nticat e th e cooki e r e c e iv e d from th e first on e of th e s e t of client 
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comput e rs associated public keys from the database for use in decrypting digital 
signatures for received cookies and thereby to authenticate the said cookies . 

12. (currently amended) The computer program product of claim 11, further comprisingr 

computer readable program code means for assigning a uniqu e s e rv e r identifi e r to 

eaeh responsive to the restart of a one of the set-e^server computers^ comput e r 

r e adabl e program cod e m e ans for associating a corresponding serv e r identifi e r with each 
public k e y maintain e d in th e databas e , and and operative to request a replacement private 
key and an associated replacement public key. 



computer readable program code operative to cause the replacement private key to be 
stored in the dynamic memory of the server computer, and 



computer readable program code m e ans for r e tri e ving operative to cause the 

replacement public keys key to be stored in the database by r e f e r e nc e to a server 
id e ntifi e r . 



13. (currently amended) The computer program product of claim 44 12^ further comprising 
computer readable program code m e ans for removing on e or mor e public k e ys from th e database 
wh e n th e on e or mor e public k e ys hav e b ee n maintained operative to cause the deletion of public 
keys in the database where such keys have been stored for longer than a pr e s e l e ct e d 
predetermined elapsed time. 
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14. (currently amended) A method for providing authentication of cookies in a client-server 
computer network, the network comprising a set of server computers and a set of client 
computers, each one of the set of server computers having a unique server-identifier, the method 



comprising the following steps: 



a. a first one of the set of client computers communicating with providing client- 
identifying data to a first one of the set of server computers, th e first on e of th e s o t of 
cli e nt comput e rs providing id e ntifying data to th e first on e of th e sot of s e rv e r comput e rs, 

b. the first one of the set of server computers requesting a private key and an 
associated public key from a public key encryption system, 

c. the first one of the set of server computers maintaining storing the requested 
private key in a dynamic memory device ? on the first server computer, only, 

d. the first one of the set of server computers maintaining causing the requested 
public ke y to be stored in a database available to each one of the set of server computers, 
and to associate the stored public key with the unique server-identifier for the first one of 
the set of server computers. 
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e. the first one of the set of server computers generating a cookie for the first one of 
the set of client computers, the cookie comprising data corresponding to the client- 
identifying data provided by the first one of the set of client computers, and comprising 
the value of the server-identifier for the first one of the set of server computers, 

f. the first one of the set of server computers generating a an encrypted digital 
signature for the cookie using the private key stored in dynamic memory of the first one 
of the set of server computers , 

g. the first one of the set of server computers e ncrypting th e forwarding the cookie 
including the associated encrypted digital signature using th e public k e y encryption 
syst e m and th e privat e k e y to the first one of the set of client computers , 

h. the first one of the set of s e rv e r computers forwarding th e cooki e and th e 
associat e d client computers communicating with a second one of the set of server 
computers, and in response, the second one of the set of server computers requesting and 
receiving the cookie including the encrypted digital signature te from the first one of the 
set of client computers, 

i. the first on e of th e s e t of client computers communicating with a second one of 
the set of server computers , and in r e spons e , th e s e cond on e of th e s e t of s e rv e r 
comput e rs r e qu e sting and r e c e iving th e cooki e and th e e ncrypted digital signatur e from 
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th e first one of th e s e t of client comput e rs, j. tho s e cond one of the s e t of s e rv e r 
comput e rs extracting server-identifying data from the received cookie to retrieve the 
associated p ublic key for the encrypted digital signature from the database and -for use in 
decrypting the digital signature using th e public k e y e ncryption syst e m and th e r e tri e v e d 
public k e y, k. th e s e cond one of th e set of s e rv e r comput e rs using th e d e crypted digital 
signatur e to auth e nticat e the cooki e r e ceiv e d from th e first on e of tho s e t of client 
comput e rs, for the received cookie and thereby authenticating the cookie. 

15. (currently amended) The method of claim 14 comprising the further steps of: 

Br. assigning a uniqu e s e rv e r id e ntifi e r to e ach the first one of the set of server 

computers^ b. associating a corr e sponding s e rv e r id e ntifi e r with e ach public key 
maintain e d in th e databas e , and c. — r e tri e ving public k e ys in the databas e by r e f e r e nce 
to a s e rver id e ntifi e r, requesting a replacement private key and an associated replacement 
public key in response to a restart, 

storing the replacement private key in the dynamic memory of the server computer, and 
storing the replacement public key in the database. 

16. (currently amended) The method of claim 14 comprising the further step of removing 
on e or mor e deleting public keys from th e databas e wh e n th e one or mor e public k e ys have been 
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maintain e d in the database where such keys have been stored for longer than a pr e s e l e ct e d 
predetermined elapsed time. 
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